Code-Projects Inventory Management System 注入漏洞

Inventory Management System is an inventory management system. Inventory Management System has a SQL injection vulnerability that stems from insufficient filtering of the orderId parameter in the file /phpaction/editPayment.php. No details of the vulnerability are available at this time...

CVE-2025-6834 code-projects Inventory Management System editPayment.php sql injection

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /phpaction/editPayment.php. The manipulation of the argument orderId leads to sql injection. The attack can be initiated remotely. The...

CVE-2025-6834

CVE-2025-6834 affects code-projects Inventory Management System 1.0. The vulnerability is an SQL injection in the file /php_action/editPayment.php caused by unsafely handling the orderId parameter. It can be exploited remotely with no user interaction required. Multiple connected sources confirm ...

CVE-2024-8216

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

CVE-2024-10734 Project Worlds Life Insurance Management System editPayment.php sql injection

A vulnerability was found in Project Worlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /editPayment.php. The manipulation of the argument reciptno leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2024-8216

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

CVE-2024-8216

CVE-2024-8216 affects nafisulbari/itsourcecode Insurance Management System 1.0. The issue is in the Payment Handler’s file editPayment.php , where manipulation of the argument recipt_no leads to improper access controls and may be exploitable remotely. Multiple sources (NVD, CVE lists, Red Hat, c...

CVE-2024-8216 nafisulbari/itsourcecode Insurance Management System Payment editPayment.php access control

A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. Affected by this issue is some unknown functionality of the file editPayment.php of the component Payment Handler. The manipulation of the argument reciptno leads to...

Insurance Management System 访问控制错误漏洞

Insurance Management System is an insurance management system from the individual developer Angel Jude Reyes Suarez. An access control error vulnerability exists in Insurance Management System version 1.0, which stems from the manipulation of the parameter reciptno in the component payment handle...

Sql injection

Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editPayment.php?reciptno=...